Team

Introduction

This document describes a network policy framework (NPF) for ONOS, including its design, implementation and operation. The purpose of this NPF is to provide an abstraction layer that hides the technology-specific details of the control and data planes by providing a human-readable interface that simplifies the enforcement of low-level and technology-specific actions to the network (e.g. installation of OpenFlow rules, constraint monitoring, etc.). This prototype is integrated into the ONOS SDN controller and it is responsible for translating generic policies received through a dedicated REST API into OpenFlow (OF) flow rules.

...

This work has been performed in the framework of the NGPaaS project, funded by the European Commission under the Horizon 2020 and 5G-PPP Phase2 programmes, under Grant Agreement No. 761 557 (http://ngpaas.eu).

Source

The source code of the Network Policy Framework is currently available at:

• Policy Manager: https://github.com/sdnpdtu/NPFManager
• Firewall Policy: https://github.com/sdnpdtu/NPF_PT_Firewall
• Connectivity Policy: https://github.com/sdnpdtu/NPF_PT_Connectivity
• NAT Policy:  https://github.com/sdnpdtu/NPF_PT_Nat

Design

The NPF was designed to support platform-wide and technology-agnostic policies. To this end, a policy model and a policy life cycle were defined. The former allows defining policies in a generic way regardless of the underlying technologies, while the latter defines the possible states of a policy as well as the logic to move from one state to another. These two concepts are summarized hereafter.

...